FinCEN's Deepfake Alert: How Socure Is Already Ahead of the Curve

At Socure, we’re constantly working to stay ahead of the fraud landscape. With that in mind, we wanted to highlight FinCEN’s November 2024 alert regarding the use of deepfakes in financial fraud. 

While many in the industry are just beginning to grasp the severity of this threat, Socure has been proactively working to build and implement a comprehensive strategy to tackle these challenges head-on. It’s reassuring to see that many of the red flags identified by FinCEN align closely with the controls Socure’s DocV solution supports, which are used by many large financial institutions today. 

Our defense-in-depth strategy provides multiple layers of protection to counter the increasing sophistication of fraud driven predominantly by advancements in technology. We’ve designed our solutions to address the facets of these threats through layered detection mechanisms for a dynamic approach to fraud prevention.

Here’s how we view defense-in-depth, and how our offerings align with the red flags raised by FinCEN:

1. Inconsistent Identity Documents: Identity documents showing signs of tampering — such as alterations to the document, headshot, or barcode — are a significant red flag. Socure addresses this by employing a suite of computer vision models that detect tampering across every element of a document submission, beginning right at the point of capture.

   We ensure a high-quality, blur-free, and glare-free image to facilitate accurate data extraction and fraud analysis. Beyond analyzing document patterns and text for tampering, we also inspect headshots for portrait substitution and validate barcode data using our patented fraud detection models, ensuring consistency and authenticity. These capabilities are further supported by our presentation attack detection models, including paper and screen detection, providing a comprehensive assessment of document authenticity.

2. Same Image Used Across Multiple Identity Documents: When the same image is detected across multiple identity documents, it suggests potential fraudulent activity. Socure’s Image Alert List is used to catch instances where the same headshot or identity is used with different identity documents or Personally Identifiable Information (PII) elements in real time to detect fraud attempts early.
3. Mismatched Document and PII Information: A key red flag is the inconsistency between document data and the user’s provided PII. Our solution cross-references document data with user-submitted information, catching mismatches using our AI-driven data comparison and validation tools. Additionally, Socure’s network intelligence graph database further enhances confidence by correlating PII elements across our network, providing a more comprehensive view of data consistency.
4. Unusual Behavioral Traits or Third-Party Plugins During Verification: Behavioral anomalies during the verification process, such as using third-party webcam plugins or attempting to change communication methods due to excessive glitches, are red flags. Socure combats this with our presentation attack detection models, digital intelligence signals that look at anomalies within a given device, and injection attack detection capabilities to identify camera takeovers or suspicious behaviors to help prevent fraudulent activities.
5. Inconsistent Geographic or Device Data: A customer’s geographic or device data being inconsistent with their identity documents is another red flag. Socure addresses this with our proprietary entity profiler, which correlates identity information with device data, checking whether the device has been associated with different identities, along with other signals like VPN, associated ISPs, location, or inconsistent behaviors, correlating to the user’s digital footprint. This helps ensure that the identity and device are correlated, providing a higher level of confidence in the verification process.
6. Potential Use of Gen AI or Deepfake Content in Customer Profiles: FinCEN also flagged the use of Gen AI-generated text or deepfake elements in customer profiles or responses. Socure’s deepfake detection models are designed to analyze selfie and document images by identifying subtle patterns and inconsistencies that indicate synthetic generation. These models anchor their analysis against a baseline of how selfies and document images typically appear when captured in live, authentic scenarios. By comparing submitted images to these natural benchmarks, the models can detect generative irregularities and artifacts that deviate from expected norms or exhibit traits associated with synthetic image generation. This anchoring ensures a higher level of accuracy in identifying fraudulent activities, effectively flagging deepfakes.

With our robust multi-layered detection approach, Socure DocV helps ensure that financial institutions are well protected against evolving fraud tactics, including those highlighted in FinCEN’s alert. We remain committed to staying at the forefront of fraud prevention, evolving our technologies as new threats emerge.

At Socure, innovation is at the heart of everything we do. In October we were recognized as a Leader among 11 vendors in the 2024 Gartner® Magic Quadrant™ for Identity Verification — download a copy of the report here.